基于容器的Android加固方案
Android Reinforcement Scheme Based on the Container

作者: 崔浩亮 , 杨天长 , 牛少彰 :北京邮电大学智能通信软件与多媒体北京市重点实验室,北京;

关键词: 容器安全上下文特征Container Security Context Feature

摘要: Android作为占用大部分市场份额的智能移动开源平台,正面临着日益严重的安全威胁。虽然Android系统本身提供了一套安全保护机制来保护系统和应用的安全,但是依然存在着安全风险。为了保护Android智能手机安全,在深入分析Android系统安全机制的基础上,利用安全检测模型对应用进行分类汇总隔离形成安全容器的机制,可以有效的对Android系统及应用进行保护,同时有效地保护用户的个人数据。

Abstract: Android which takes up most of the market share of smart mobile open-source platform is facing the increasingly serious security threat. Although the Android system itself provides a set of secu-rity mechanism to protect the safety of the system and application, there is still a security risk. In order to protect the security of the Android smartphone, on the basis of in-depth analysis of An-droid security mechanism, using the safety testing model to classify, collect and isolate the appli-cations, the mechanism of the safe container is formed. It can be effective to protect the Android system, the application and users’ personal data. 

文章引用: 崔浩亮 , 杨天长 , 牛少彰 (2016) 基于容器的Android加固方案。 计算机科学与应用, 6, 65-71. doi: 10.12677/CSA.2016.62008

参考文献

[1] 腾讯移动安全实验室2015年上半年手机安全报告[EB/OL]. http://m.qq.com/security_lab/news_ de-tail_321.html

[2] Felt, A.P., Chin, E., Hanna, S., Song, D. and Wagner, D. (2011) Android Permissions Demystified. Proceedings of ACM CCS. ACM, Chicago, 17-21 October 2011, 627-638.

[3] Zhang, Y., Yang, M., Yang, Z.M., Gu, G.F., Ning, P. and Zang, B.Y. (2014) Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps. IEEE Transactions on Information Forensics and Security, 9, 611-622.

[4] Gates, C.S., Chen, J., Li, N.H. and Proctor, R.W. (2014) Effective Risk Communication for Android Apps. IEEE Transactions on Dependable and Secure Computing, 11, 252-265.

[5] Gates, C.S., Li, N.H., Peng, H., Sarma, B., Qi, Y., Potharaju, R., Nita-Rotaru, C. and Molloy, I. (2014) Generating Summary Risk Scores for Mobile Applications. IEEE Transactions on Dependable and Secure Computing, 11, 238- 251.

[6] Zonouz, S., Houmansadr, A., Berthier, R., Borisov, N. and Sanders, W. (2013) Secloud: A Cloud-Based Comprehensive and Lightweight Security Solution for Smartphones. Computers & Security, 37, 215-227.
http://dx.doi.org/10.1016/j.cose.2013.02.002

[7] Conti, M., Crispo, B., Fernandes, E. and Zhauniarovich, Y. (2012) CRePE: A System for Enforcing Fine-Grained Context-Related Policies on Android. IEEE Transactions on Information Forensics and Security, 7, 1426-1438.

[8] Soltesz, S., Potzl, H., Fiuczynski, M.E., et al. (2007) Container-Based Operating System Virtualization: A Scalable, High-Performance Alternative to Hypervisors. ACM SIGOPS Operating Systems Review, 41, 275-287.
http://dx.doi.org/10.1145/1272998.1273025

[9] Chen, W., Xu, L., Li, G. and Xiang, Y. (2015) A Lightweight Virtu-alization Solution for Android Devices. IEEE Tran- sactions on Computers, 64, 2741-2751.
http://dx.doi.org/10.1109/tc.2015.2389791

分享
Top